@MrMeritology that vuln info in general is horrible. not just @osvdb, but all sources. @hrbrmstr doesn't think any do it right.
-
-
@attritionorg@MrMeritology@OSVDB to be fair it's "components" of vuln data that I've said shld not be used to draw conclusions w/o caveats -
@hrbrmstr@MrMeritology@OSVDB fine, but those are components of the "vuln info in general" and "sources" you use. -
@attritionorg@hrbrmstr@OSVDB Again: What are the root causes? -
@MrMeritology@hrbrmstr a) too much data to import b) not enough manpower c) no money (which could offset 'b') -
@attritionorg@hrbrmstr Sounds like something is lacking in the "biz model", both in commercial & social dimensions. What about Fed funding? -
@MrMeritology@hrbrmstr yes, our original 'biz model' was "community must want a superior vuln db, they will help!" (we were quite naive) -
@attritionorg@hrbrmstr And DatalossDB is now bundled in? Managed with same license? Same people working on it as OSVDB? -
@MrMeritology@hrbrmstr datalossdb falls under OSF like osvdb, but different people work on it, different sponsors, etc. - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.